<?php
//=========================
//Vuong Van Binh
//Wanbin@vietnambiz.com
//MyAccount Functions
//=========================

//GET ALL USERS EXCEPT THE GIVEN ONE
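/**
 * Fetch every admin account except the given one.
 *
 * The accounts named 'hiddenadmin' and 'administrator' are always left out
 * of the result as well.
 *
 * @param int|string $user_id Id of the account to exclude.
 * @return mixed Whatever $db->query() returns for the SELECT.
 */
function get_all_user($user_id){

    global $db;

    // The id is concatenated into the SQL text, so force it to an integer
    // first: a caller that passes a request value straight through must not
    // be able to change the shape of the query.
    $user_id = intval($user_id);

    $sql = "SELECT * FROM admin WHERE id !=".$user_id." AND username!='hiddenadmin' AND username!='administrator'";

    return $db->query($sql);

}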
//ACTION SEND MESSAGE
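/**
 * Handle the "send message" form: validate the POSTed fields and store one
 * admin_message row per selected recipient.
 *
 * Reads $_POST["send"], ["title"], ["content"], ["user_list_send"] and
 * ["exit"]. The sender is always the logged-in admin taken from the session,
 * never a request value. Validation errors go to $CONFIG["error_message"],
 * the success notice to $CONFIG["success_message"].
 *
 * NOTE(review): no anti-CSRF token is checked in this function - confirm the
 * caller verifies one before this state-changing handler runs.
 * NOTE(review): title and content are handed to $db->exec_insert() as-is;
 * presumably the wrapper escapes values - verify.
 *
 * @return void
 */
function send_message(){

    global $CONFIG,$db;

    if(empty($_POST["send"])){
        return;
    }

    // The checks below append with ".=", so make sure the key exists.
    if(!isset($CONFIG["error_message"])){
        $CONFIG["error_message"] = "";
    }

    // A field submitted as an array (title[]=x) is treated as missing rather
    // than being passed to strip_tags(), which only accepts strings.
    $title   = (isset($_POST["title"]) && is_string($_POST["title"])) ? strip_tags($_POST["title"]) : "";
    // strip_tags() keeps the attributes of an allowed tag, so "<br ...>" can
    // still carry event-handler attributes: whatever renders the message body
    // must escape it or strip attributes before output.
    $content = (isset($_POST["content"]) && is_string($_POST["content"])) ? strip_tags($_POST["content"],"<br>") : "";
    // count() on a missing or scalar value is an error, so normalise first.
    $arr_user_list = (isset($_POST['user_list_send']) && is_array($_POST['user_list_send'])) ? $_POST['user_list_send'] : array();

    if(empty($title)){

        $CONFIG["error_message"] = "<li>Bạn chưa nhập tiêu đề.</li>";

    }

    if(empty($content)){

        $CONFIG["error_message"] .= "<li>Bạn chưa nhập tin nhắn.</li>";
    }

    if(count($arr_user_list)<1){

        $CONFIG["error_message"] .= "<li>Bạn chưa nhập người nhận.</li>";

    }

    if(!empty($CONFIG["error_message"])){
        return;
    }

    $data = array();

    $data["from_id"]  = intval($_SESSION['adlogin']["id"]);
    $data["title"]    = $title;
    $data["content"]  = $content;
    // 24-hour clock: "h" is the 12-hour form and, without an AM/PM marker,
    // stored afternoon messages as if they had been sent in the morning.
    $data["senddate"] = date('Y-m-d H:i:s',time());

    $sent = 0;
    foreach($arr_user_list as $value){

        // intval() of a non-empty array is 1, so a nested array in the
        // recipient list would otherwise address the account with id 1.
        if(!is_scalar($value)){
            continue;
        }
        $to_id = intval($value);
        if($to_id < 1){
            continue;
        }

        $data["to_id"] = $to_id;
        $db->exec_insert("admin_message",$data);
        $sent++;
    }

    // NOTE(review): mysql_affected_rows() only reflects the last INSERT and
    // the mysql_* extension was removed in PHP 7; kept because the $db
    // wrapper's own API is not visible here.
    if($sent > 0 && mysql_affected_rows()>0){

        if(!empty($_POST["exit"])){
            server_redirect(ADMIN_URL."/index.php?module=myaccount&option=message");
        }
        if(!isset($CONFIG["success_message"])){
            $CONFIG["success_message"] = "";
        }
        $CONFIG["success_message"] .= "<li>Gửi tin nhắn thành công.</li>";
    }

}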
//ACTION DELETE MESSAGE
/**
 * Remove a single message on behalf of the logged-in admin.
 *
 * With $_GET["mode"] equal to "sent" the row is only flagged del='yes' and
 * must have been sent by the current user; in every other mode the row is
 * deleted and must be addressed to the current user. The message id comes
 * from $_GET["del"] and is forced to an integer, and the owner id comes from
 * the session, so a user can only affect their own messages.
 *
 * NOTE(review): this state-changing action is driven by GET parameters and
 * no anti-CSRF token is checked here - confirm the caller verifies one.
 *
 * @return void
 */
function del_message(){

    global $db;

    $owner_id    = intval($_SESSION['adlogin']["id"]);
    $in_sent_box = ($_GET["mode"]=="sent");
    $message_id  = intval($_GET["del"]);

    if(!$in_sent_box){
        // Inbox: the recipient removes the row outright.
        $db->exec_delete('admin_message',"`mes_id`=".$message_id." AND to_id=".$owner_id);
        return;
    }

    // Sent box: flag the row instead of deleting it.
    $db->exec_update('admin_message',array("del"=>'yes'),"`mes_id`=".$message_id." AND from_id=".$owner_id);

}

//ACTION DELETE MULTIPLE MESSAGES
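/**
 * Remove several messages at once on behalf of the logged-in admin.
 *
 * Runs only when $_POST["del_multi"] is set; the ids come from the
 * $_POST["check"] array and each one is forced to an integer. Every statement
 * is scoped to the session user (from_id in "sent" mode, to_id otherwise), so
 * ids belonging to other users match nothing.
 *
 * In "sent" mode the rows are flagged del='yes', exactly as del_message()
 * does for a single message: the sent-box listing filters on del='no' while
 * the inbox listing does not, so a hard delete here would also remove the
 * message from the recipient's inbox.
 *
 * NOTE(review): no anti-CSRF token is checked in this function - confirm the
 * caller verifies one.
 *
 * @return void
 */
function del_multi_message(){

    global $db;

    $user_id = isset($_SESSION['adlogin']["id"]) ? intval($_SESSION['adlogin']["id"]) : 0;

    if(empty($_POST["del_multi"])){
        return;
    }

    // Nothing ticked, or a scalar sent in place of the checkbox array.
    if(!isset($_POST["check"]) || !is_array($_POST["check"])){
        return;
    }

    $sent_mode = isset($_GET["mode"]) && $_GET["mode"]=="sent";

    foreach($_POST["check"] as $id){

        // intval() of a non-empty array is 1; skip nested arrays so they
        // cannot be turned into a real message id.
        if(!is_scalar($id)){
            continue;
        }

        $by_id = "`mes_id`=".intval($id);

        if($sent_mode){
            $db->exec_update('admin_message',array("del"=>'yes'),$by_id." AND from_id=".$user_id);
        }else{
            $db->exec_delete('admin_message',$by_id." AND to_id=".$user_id);
        }
    }

}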

/**
 * Load one page of the logged-in admin's messages.
 *
 * $_GET["mode"] equal to "sent" lists messages the user sent that are still
 * flagged del='no'; any other mode lists messages addressed to the user.
 * $_GET["page"] selects the page (anything that is not a positive integer
 * becomes page 1) and $CONFIG['rows_per_page_messages'] is the page size.
 * If a page after the first turns out to be empty, the previous page is
 * queried and the browser is redirected to it.
 *
 * NOTE(review): the page size is concatenated into the LIMIT clause and used
 * as a divisor exactly as configured; it is assumed to be a positive integer.
 *
 * @return array Keys "message" (query result), "page", "total" (page count)
 *               and "num_rows" (total number of matching messages).
 */
function get_all_message_page(){

    global $db,$CONFIG;

    $me = intval($_SESSION['adlogin']["id"]);

    if($_GET["mode"]!="sent"){

        // Inbox: messages addressed to the current user, joined to the sender.
        $count_row = $db->query_first("SELECT COUNT(mes_id) m FROM admin_message WHERE to_id = ".$me);

        $list_sql = "SELECT adm.*,ad.username FROM admin_message as adm INNER JOIN admin as ad ON adm.from_id = ad.id WHERE adm.to_id = ".$me." ORDER BY `read` DESC";

    }else{

        // Sent box: messages from the current user, joined to the recipient.
        $count_row = $db->query_first("SELECT COUNT(mes_id) m FROM admin_message WHERE from_id = ".$me." AND del='no'");

        $list_sql = "SELECT adm.*,ad.username FROM admin_message as adm INNER JOIN admin as ad ON adm.to_id = ad.id WHERE adm.from_id = ".$me." AND del='no' ORDER BY `read` DESC";

    }

    // Requested page; zero or a non-numeric value falls back to the first.
    $requested = intval($_GET["page"]);
    $page = $requested ? $requested : 1;
    if($page < 0){
        $page = 1;
    }

    $number = $count_row['m'];
    $limit  = $CONFIG['rows_per_page_messages'];
    $total  = ceil($number/$limit);
    $start  = ($page*$limit)-$limit;

    $mess = $db->query($list_sql." LIMIT ".$start.",".$limit);

    // The last record of the final page is gone: step back one page, reload
    // it and send the browser to the corrected page number.
    if($page > 1 && $db->num_rows($mess) < 1){

        $page--;

        $total = ceil($number/$limit);
        $start = ($page*$limit)-$limit;

        $mess = $db->query($list_sql." LIMIT ".$start.",".$limit);

        server_redirect(get_string_url()."&page=".$page);
    }

    return array(
        "message"  => $mess,
        "page"     => $page,
        "total"    => $total,
        "num_rows" => $count_row['m']
    );

}

//USER INFORMATION=============================================================
//GET INFO USER TO EDIT
/**
 * Load the logged-in admin's own row for the "edit my account" form.
 *
 * The id comes from the session only, so the form can never be pointed at
 * another account. When the session holds no usable id, or no row matches,
 * redirect(ADMIN_URL) is called.
 *
 * The query is SELECT *, so the returned row carries every column of the
 * admin table, including the stored password value; callers should output
 * only the fields the form needs.
 *
 * @return mixed The row returned by $db->query_first().
 */
function get_account_user_edit(){

    global $db;

    $session_id = intval($_SESSION['adlogin']["id"]);

    $row = $db->query_first("SELECT * FROM admin WHERE id =".$session_id);

    // Usable only with a positive session id and a matching row.
    $usable = ($session_id >= 1) && $row;

    if(!$usable){

        redirect(ADMIN_URL);

    }

    return $row;

}

//ACTION EDIT USER
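/**
 * Handle the "edit my account" form: validate the POSTed username, e-mail
 * and optional new password, then update the logged-in admin's own row.
 *
 * Runs only when $_POST["editaccountuser"] is set. Validation errors go to
 * $CONFIG["error_message"], the success notice to $CONFIG["success_message"].
 * On success the cached username, e-mail and (when changed) password value
 * in $_SESSION['adlogin'] are refreshed.
 *
 * NOTE(review): passwords are stored as unsalted MD5, which is unsuitable
 * for password storage. Moving to password_hash()/password_verify() has to
 * be done together with the login check, which is not visible here, so the
 * stored format is left unchanged.
 * NOTE(review): the current password is not asked for and no anti-CSRF token
 * is checked in this function - confirm the caller covers both.
 *
 * @return void
 */
function edit_account_user(){

    global $CONFIG,$db;

    if(empty($_POST["editaccountuser"])){
        return;
    }

    // The row to change is always the logged-in admin's own. Taking the id
    // from $_POST["edit_id"] let any authenticated admin rewrite the
    // username, e-mail and password of any other account by editing the form
    // field; get_account_user_edit() already uses the session id this way.
    $edit_id = isset($_SESSION['adlogin']["id"]) ? intval($_SESSION['adlogin']["id"]) : 0;
    if($edit_id < 1){
        return;
    }

    // The checks below append with ".=", so make sure the key exists.
    if(!isset($CONFIG["error_message"])){
        $CONFIG["error_message"] = "";
    }

    // Fields submitted as arrays are treated as missing rather than being
    // passed to strip_tags(), which only accepts strings.
    $username   = (isset($_POST["username"]) && is_string($_POST["username"])) ? strip_tags($_POST["username"]) : "";
    // NOTE(review): strip_tags() silently alters a password that contains
    // "<"; kept so that values hash the same way as before.
    $password   = (isset($_POST["password"]) && is_string($_POST["password"])) ? strip_tags($_POST["password"]) : "";
    $repassword = (isset($_POST["repassword"]) && is_string($_POST["repassword"])) ? strip_tags($_POST["repassword"]) : "";
    $email      = (isset($_POST["email"]) && is_string($_POST["email"])) ? strip_tags($_POST["email"]) : "";

    if(empty($username)){

        $CONFIG["error_message"] = "<li>Bạn chưa nhập Tên đăng nhập.</li>";

    }

    // Strict comparison: with "!=" two different numeric-looking strings
    // (for example "1e3" and "1000") compare as equal.
    if(!empty($password) && $password!==$repassword){

        $CONFIG["error_message"] .= "<li>Mật khẩu không đúng.</li>";
    }

    if(!valid_email($email)){

        $CONFIG["error_message"] .= "<li>Email không đúng.</li>";

    }

    if(!empty($CONFIG["error_message"])){
        return;
    }

    $data = array();

    $data["username"] = $username;
    $data["email"]    = $email;

    // An empty password field means "keep the current password".
    if(!empty($password)){
        $data["password"] = md5($password);
    }

    $db->exec_update('admin',$data,'`id`='.$edit_id);

    if(!empty($password)){
        $_SESSION['adlogin']["password"] = $data["password"];
    }

    // NOTE(review): the mysql_* extension was removed in PHP 7; kept because
    // the $db wrapper's own API is not visible here.
    if(mysql_affected_rows()>0){

        // Refresh the session copy before any redirect so the next page does
        // not show the old username and e-mail.
        $_SESSION['adlogin']["username"] = $username;
        $_SESSION['adlogin']["email"]    = $email;

        if(!empty($_POST["exit"])){
            server_redirect(ADMIN_URL."/index.php?module=myaccount");
        }

        if(!isset($CONFIG["success_message"])){
            $CONFIG["success_message"] = "";
        }
        $CONFIG["success_message"] .= "<li>Cập nhật thông tin thành công.</li>";

    }

}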

?>